14 Sources
[1]
Google sues Chinese cybercrime network that used Gemini to automate scams
Google loves telling us all the ways people are using its generative AI products to build new things, grow businesses, and save the world. Supposedly. Of course, people are also using AI for crime. Google has announced a new legal salvo aimed at a Chinese group called Outsider Enterprise, which is allegedly responsible for a massive AI-powered scam campaign. Google says it's working with law enforcement and mobile carriers to fight back. According to Google's legal filing, Outsider Enterprise operates through Telegram. The group offers phishing-as-a-service to individuals who may not be technically savvy enough to set up fraudulent websites and text campaigns on their own. In its Telegram channels, Outsider Enterprise reportedly provided instructions on how to use Google's Gemini AI to create websites that imitate those of Google, YouTube, and government agencies such as New York's E-ZPass. The group offered nearly 300 scam templates. Google says that scams enabled by Outsider Enterprise resulted in more than 2.5 million text messages being sent to Android users. About 55,000 of those messages happened in a two-week period last month. In all, Google has tracked 9,000 fake websites and 1 million URLs connected to the scam network. The text messages often made claims about account problems or issues with a package delivery. When users clicked on the links, they ended up on one of those fraudulent websites, designed by Gemini to look legitimate. The cybercriminals used these sites to steal personal data and banking details. Google's filing does not estimate the amount of money stolen through Outsider Enterprise scams, but the blog post notes that hundreds of people have lost some amount of money. Google worked with AT&T, Verizon, and T-Mobile to block many of these malicious text messages, and Google notes that its on-device scam detection in Google Messages probably helped reduce the number of successful phishing attempts, too. This AI-powered feature apparently stops 10 billion scam texts every month, so it's fair to expect it caught at least some Outsider Enterprise activity. Laws for AI threats Google has filed lawsuits against scammers before, but this is the first time it has taken direct action against a group alleged to be using Gemini as part of its scams. Google discusses the security measures it has baked into Gemini every time it announces a new model, but these can clash with the overarching need for chatbots to follow instructions and please users. And then you end up with thousands of scammers using Gemini to build fake websites. In addition to its civil lawsuit, Google is assisting the FBI's cybercrime division with a parallel criminal investigation. However, no one knows who's behind Outsider Enterprise, and even if Google did have names, there's little to be done when the perpetrators are in China. The company can go after fraudulent domains and Telegram accounts in hopes of disrupting the Outsider Enterprise operation, but the scams may simply change form. Google believes that the era of AI calls for new approaches to law enforcement, so it's taking this opportunity to renew its public support for a spate of legislation. The company has called out seven different potential federal laws, like the National Strategy for Combating Scams Act, the Strategic Task Force on Scam Prevention Act, and the AI Plan Act. Most of the legislation Google promotes calls on one or more federal law enforcement agencies to set up task forces to counter the threat of AI-assisted scams and market manipulation. One of them (Artificial Intelligence Public Awareness and Education Campaign Act) is aimed at improving the public's ability to spot malicious uses of AI. However, the industry-wide goal of attaining human-like intelligence in AI systems will only make this content harder for people to spot, even with all the well-meaning government legislation in the world.
[2]
Chinese cybercrime operation that used AI to scam 'hundreds of thousands of victims' sued by Google
Google is suing to dismantle the infrastructure behind an alleged massive AI-powered cybercrime operation. On Friday, the tech giant announced a lawsuit against an alleged Chinese cybercrime network called Outsider Enterprise, which Google says uses AI in its campaigns to send scam text messages impersonating Google and other brands to steal passwords and credit card numbers. Outsider Enterprise has financially scammed "hundreds of thousands of victims" with losses "estimated in the millions." The group deployed 9,000 fake websites, one million fraudulent web domains, and 2.5 million texts sent to Android users in a two-week period, according to Google. The company said, "55,000 spam texts were flagged by Android users in just two weeks this past May -- that's more than two text spam complaints a minute." Google said it uses "AI-powered tools to fight AI-powered scams," which enable the company to detect scams and alert users of suspicious calls and text messages, leading to the interception of more than 10 billion scam messages a month. The company said it has been collaborating with AT&T, T-Mobile, and Verizon to block the scam text messages, and said it is coordinating with the FBI. An FBI spokesperson told TechCrunch that the bureau, in coordination with Google and Lumen's Black Lotus Labs, seized several domains used by the cybercriminals, as well as Shopify storefronts and accounts used to test the operation's phishing service. The spokesperson said that since July 2023, Outsider Enterprise's phishing platform enabled cybercriminals to steal "at least an estimated 3,870,000 stolen credit cards and a corresponding estimated $1.9B in losses." Inside Outsider Enterprise In its complaint filed as part of the lawsuit, Google laid out the evidence it gathered against people involved in the Outsider Enterprise operations, whom the company said are foreign-based cybercriminals whose real identities are unknown. This group "built, maintains, and uses a turn-key, online software suite that enables criminals, regardless of technical skill, to publish fraudulent websites designed to rob victims and enrich themselves," according to the complaint. Google said this "phishing-for-dummies" software called Outsider, which costs $88 per week or $200 per month, allows operators to create fake websites with the help of AI platforms, including Google's own Gemini. The fake sites impersonate several services and companies, such as telecom providers, financial institutions, government agencies, and retailers. To lure people to the fake websites, the cybercriminals collaborate with one another to send victims malicious text messages, or purchase ads. The common goal is to steal passwords and corresponding multi-factor codes as well as financial information, which the scammers can do by receiving the data that victims input into the fake websites, with the information being transmitted through Outsider's platform in real-time. "Part of the Outsider software's appeal is the ease with which someone with limited technical expertise -- like many members of the Enterprise -- can purchase the software, execute various phishing attacks, and, upon purchase, meet other members of the Enterprise who are proficient in other areas," Google wrote, referring to Telegram channels where the cybercriminals can collaborate, train each other, discuss strategies, and develop phishing attacks. "The Enterprise brazenly coordinates its efforts in open and largely uncoded discussions on Telegram." According to Google, the Outsider platform allegedly offers cybercriminals "more than 290 pre-built templates that mimic the legitimate websites" that generate replicas of real websites "in minutes," along with guides on how to "weaponize AI-generated code," as well as a dashboard to track how progress of phishing campaigns. The cybercriminals have allegedly used Google Drive and Google Cloud infrastructure to host the phishing websites. "The Outsider software has been used to create over a million phishing websites to swindle innocent victims out of millions of dollars," Google wrote in the complaint. To give an idea of the scale of Outsider Enterprise's operation, Google said that over a five-month period, from November 14, 2025 to April 14, 2026, the company detected more than 1.59 million URLs connected to it. Google said the Outsider Enterprise operation is made up of several groups of cybercriminals: those who develop and maintain the phishing software and website templates; those who supply lists of targets curated from public records, social media, and data breaches; a "spammer group" that provides tools and the infrastructure to send scam texts in bulk, which includes smartphone banks, SIM cards, and modems; and those who monetize the stolen credentials and launder the stolen money. The cybercriminals have stolen "at least 36,000 payment cards issued by financial institutions in 95 countries," according to Google. The company accused the people behind Outsider Enterprise of impersonating Google and its brands, of infringing its copyright, of racketeering activities, of committing wire fraud, and false advertising. With the lawsuit, Google is seeking compensatory and punitive damages, and an order to stop the criminals from carrying out their activities. This story was originally published at 10:26 a.m. PDT and has since been updated with new information from Google's complaint, and the FBI's comment.
[3]
Google sues alleged Chinese cybercrime operation that used AI to send scam texts
Google is suing to dismantle the infrastructure behind an alleged massive AI-powered cybercrime operation. On Friday, the tech giant announced a lawsuit against an alleged Chinese cybercrime network called Outsider Enterprise, which Google says uses AI in its campaigns to send scam text messages impersonating Google and other brands to steal passwords and credit card numbers. Outsider Enterprise has financially scammed "hundreds of thousands of victims" with losses "estimated in the millions." The group deployed 9,000 fake websites, 1 million fraudulent web domains, and 2.5 million texts sent to Android users in a two-week period, according to Google. "55,000 spam texts were flagged by Android users in just two weeks this past May -- that's more than two text spam complaints a minute," Google said. Google said it uses "AI-powered tools to fight AI-powered scams", which enable the company to detect scams and alert users of suspicious calls and text messages, leading to the interception of more than 10 billion scam messages a month. The company said it has been collaborating with AT&T, T-Mobile, and Verizon to block the scam text messages and said it is coordinating with the FBI, which is taking unspecified law enforcement actions. The FBI did not immediately respond to a request for comment.
[4]
FBI dismantles Chinese phishing service that coached buyers to generate scam sites using AI -- $88 cybercrime product linked to $1.9 billion in losses, 3.87 million stolen cards
Operation Ghost Hook seized the infrastructure behind a subscription kit that the FBI ties to 3.87 million stolen cards. The FBI, Google, and Lumen Technologies say they've dismantled a China-based phishing-as-a-service operation called Outsider Enterprise, seizing its servers and payment wallets, and instigating a civil lawsuit. Sold through a Telegram bot for as little as $88 per week, the kit allowed buyers to spin up fake bank, toll, and delivery pages in minutes, with Google's complaint alleging its operators handed out tutorials teaching subscribers to prompt Gemini for the underlying code. The FBI links the platform to roughly 3.87 million stolen credit cards and an estimated $1.9 billion in losses since July 2023. Zero technical skill was required to operate the Outsider software. Subscribers simply paid $88 per week, or $200 per month, via a self-service Telegram bot before choosing from more than 290 pre-built templates impersonating banks, wireless carriers, government agencies, state DMVs, the U.S. Postal Service, and toll systems such as New York's E-ZPass, according to the complaint filed in the Southern District of New York. The kit captured victim data in real time and could request SMS codes, PINs, email codes, and app approvals on demand, allowing operators to retrieve one-time passcodes for two-factor authentication. Fake E-ZPass and other toll texts have driven a wave of fraud over the past two years. Google's filing alleges Outsider distributed step-by-step instructions, including a tutorial video, showing customers how to make Gemini write the HTML for a phishing page. The prompts were dressed up as requests for an innocuous "gift redemption page" built with inline CSS and no JavaScript, wording that was meant to read as ordinary coding help and avoid the model's safety filters. The resulting shell was imported back into the Outsider software and became a working scam site, multiplying the variations available from the 290 templates. Google has previously reported nation-state hackers using Gemini across phishing and intrusion campaigns, and researchers last year demonstrated a Gemini for Workspace flaw that obeyed instructions hidden inside emails. "Criminals increasingly use AI to make fraud like this more convincing and harder to detect," said Brett Leatherman, assistant director of the FBI's Cyber Division. The operation, dubbed Operation Ghost Hook and part of the FBI's wider Operation Riptide, seized the group's core admin domains, a Shopify storefront, and about $100,000 in USDT from Outsider payment wallets. Thousands of phishing domains registered through U.S. providers now redirect to an FBI splash page, and investigators used the group's own Telegram bot to pull data on its customers. Google's own count is narrower than the FBI's, citing hundreds of thousands of victims and 2.5 million scam texts sent to Android users over a two-week period in May. For its civil suit, the company is pursuing claims under the Racketeer Influenced and Corrupt Organizations (RICO) Act and trademark infringement, though it concedes the unnamed defendants are unlikely to face extradition from China. The action follows a Google suit against the Lighthouse phishing platform last November, tied to more than 1 million victims across 120 countries. Follow Tom's Hardware on Google News, or add us as a preferred source, to get our latest news, analysis, & reviews in your feeds.
[5]
Google fires sueball at alleged Chinese phishers over AI-powered fraud ops
Telegram-based 'Outsider Enterprise' accused of sending millions of scam texts and impersonating trusted brands Google has sued an alleged China-based cybercrime operation it says used AI-powered phishing kits to blast out millions of scam text messages and funnel victims to fake websites designed to steal passwords, payment cards, and other sensitive information. The complaint targets a group Google refers to as the "Outsider Enterprise," which the company describes as a sprawling criminal network that operates on Telegram and supplies phishing tools to other fraudsters. According to Google's filing, the operation has been linked to more than 9,000 fraudulent websites, over one million malicious URLs, and scams that have allegedly defrauded hundreds of thousands of people. The group's biz model centers on distributing phishing kits that enable criminals to impersonate Google and other trusted brands through large-scale text message campaigns, Google claims. Victims are directed to fraudulent websites designed to steal login credentials, payment card details, and other sensitive information, it adds. Google's allegation is not that AI is somehow breaking into people's phones, but rather that the technology appears to have been used to help churn out phishing content, allowing the operation to push more scams, more quickly, and with less effort. Android users flagged more than 55,000 spam texts linked to the operation during a two-week period in May, we're told, while the company detected roughly 2.5 million messages containing links to Outsider-controlled websites sent to Android devices during the same time frame. The lawsuit forms part of a broader effort involving federal law enforcement and US telecom providers. Google said it is coordinating with the FBI, AT&T, T-Mobile, and Verizon to disrupt the infrastructure behind the campaigns and block malicious messages before they reach users. "The criminals behind the Outsider Enterprise built a business out of impersonating trusted brands to defraud hundreds of thousands of victims," said Brett Leatherman, assistant director of the FBI's Cyber Division. "Criminals increasingly use AI to make fraud like this more convincing and harder to detect. Together with partners like Google, we can disrupt criminal networks in ways no single organization could on its own." The lawsuit may never put the alleged operators in a courtroom, but it could still help pull apart the infrastructure behind the campaigns. ®
[6]
Google Sues Chinese Smishing Network Accused of Using Gemini AI in Phishing
Google on Friday said it's pursuing legal action against a Chinese cybercrime network, accusing it of using its Gemini artificial intelligence (AI) agent to send phishing text messages targeting Americans. The network is said to be behind the development and management of a phishing-as-a-service (PhaaS) software kit called Outsider, per the tech giant. "The operation weaponized Gemini to help generate fraudulent phishing pages and deploy massive SMS phishing ('smishing') attacks, often through text messages impersonating legitimate brands, alerting recipients of 'brokerage account issues' or insisting they are eligible for 'rewards through their mobile phone carrier,'" Google said. "The texts prompt users to click a link leading to a fraudulent website that mimics trusted institutions to steal personal and financial information." Google said it's filing the lawsuit to dismantle the network's infrastructure, and that it's partnering with AT&T, T-Mobile, and Verizon to block such messages from reaching customers. Outsider's operations, according to the company, are coordinated through Telegram, with the network distributing phishing kits that make it possible for threat actors to push fake text messages that claim to be from trusted brands. These schemes are estimated to have victimized more than 100,000 people, leading to millions of dollars in losses. In addition, 9,000 fake websites and more than 1.59 million fraudulent URLs tied to the phishing service have been identified between November 14, 2025, and April 14, 2026. In a two-week period from May 18 to June 1, 2026, Outside was responsible for 55,000 spam texts flagged by Android users. During the same timeframe, 2.5 million messages were sent by the network to Android users containing links to Outsider-generated websites. For as little as $88 a week, the kit allows criminals to create fraudulent websites, launch phishing campaigns, and steal victims' credit card numbers, bank account credentials, and personal data. A license can be purchased via a "self-service ordering bot" on Telegram (@OutsiderCodeBot). The service also offers more than 290 pre-built templates that impersonate legitimate websites of trusted institutions, real-time keystroke logging, and a performance dashboard to track the effectiveness of a campaign. "As if Outsider's plug-and-play simplicity were not alarming enough, the Enterprise has made the tool even more powerful by providing step-by-step instructions on how Outsider can weaponize AI-generated code," Google said in its complaint filed in Manhattan federal court. "Following those instructions, Enterprise members can use AI tools to generate programming code for a shell website, and copy and paste that code into Outsider to transform that shell into a fraudulent site that can be used to steal personal or financial information from their victims." Google said the prompts for Gemini and other AI platforms are framed as harmless requests for programming assistance, asking the model to generate HTML code to design a "gift redemption page" with the desired functionality and features, and instructing it to avoid using JavaScript and employ inline CSS to implement it. Once the counterfeit website is online, its URL is sent to potential victims via text messages. The Outsider Enterprise is said to include a number of interconnected groups that play different roles, but collaborate to execute phishing attacks using the phishing kit. This includes - * The Developer Group, which supplies the phishing software and templates * The Data Broker Group, which provides curated lists of people to target * The Spammer Group, which provides the tools to send fraudulent text messages in bulk * The Theft Group, which helps monetize stolen information (e.g., credit cards and credentials) and launder funds from stolen credit cards * The Telegram Group, which facilitates collaboration among members and recruits new members The advantage with such services, as in the case of recently disrupted Sniper Dz, is that they dramatically lower the barrier to entry for novice fraudsters lacking programming knowledge, who can leverage them to mount convincing phishing attacks with minimal effort and at scale. "The criminals behind the Outsider Enterprise built a business out of impersonating trusted brands to defraud hundreds of thousands of victims," said Brett Leatherman, assistant director of the U.S. Federal Bureau of Investigation's (FBI) Cyber Division. "Criminals increasingly use AI to make fraud like this more convincing and harder to detect." The development comes exactly seven months after Google filed another lawsuit in the U.S. against China-based hackers behind a massive Phishing-as-a-Service (PhaaS) platform called Lighthouse that ensnared over 1 million users across 120 countries.
[7]
Google sues Chinese scammers using Gemini AI for fraud - Engadget
The company is also promoting legislation to fight the potential of AI to create 'massive' scams. Google sued a Chinese cybercrime network for using its Gemini AI to perpetuate a "massive" scam operation, the company announced. The search giant has coordinated with the FBI, along with carriers AT&T, T-Mobile and Verizon to dismantle the operation. Google is also advocating for updated laws to deal with AI-driven attacks, saying the technology has the potential to "supercharge" threats. "This is our first coordinated effort and lawsuit and that speaks to the breadth of impact that this particular scam has," Google's general counsel DeLaine Prado told The New York Times in an interview. In its lawsuit, Google accused a Chinese organization called Outsider Enterprise of employing its technology and brand to commit fraud, requesting a restraining order so that the network can be shut down. The group allegedly used Gemini to create websites imitating Google, YouTube and government organizations including the US Postal Service and New York's E-ZPass toll service. Google didn't reveal what internal measures it took to address the issue, given it is in control of Gemini. The scam has impacted "hundreds of thousands of victims," Google said, with losses estimated in the millions. The group created 9,000 fake websites and one million fraudulent URLs, while creating 55,000 spam texts flagged by Android users and 2.5 million messages with links to fraudulent websites over just a two-week period. Google notes that all of this is from a single operation, which is why it's advocating for no less than seven bipartisan bills to curtail future AI scams. Those include the "National Strategy for Combatting Scams Act," "Strategic Task Force on Scam Prevention Act," "STOP Scams Against Seniors Act" and the AI Plan act. "This is not spam. It is organized transnational crime moving through our phones, and it demands a response as coordinated and aggressive as the threat itself," said congressman Brian Fitzpatrick (R-Pennsylvania). "Criminals increasingly use AI to make fraud like this more convincing and harder to detect," added FBI assistant director Brett Leatherman. "And we need a permanent solution to bring them to justice."
[8]
Google sues Chinese cybercrime ring that used Gemini to build phishing sites and send 2.5 million scam texts
Google filed a lawsuit on Friday to dismantle the infrastructure behind a Chinese cybercrime operation called Outsider Enterprise. The group used AI, including Google's own Gemini, to generate phishing websites and send scam text messages impersonating Google and other brands. It sent 2.5 million fraudulent texts to Android users in a two-week period. The operation deployed 9,000 fake websites and 1 million fraudulent web domains designed to steal passwords and credit card numbers. Google said the group has financially scammed "hundreds of thousands of victims" with losses "estimated in the millions." In just two weeks in May, 55,000 spam texts were flagged by Android users, more than two complaints per minute. The most damaging detail is in the court filing. Members of Outsider Enterprise actively encouraged each other to use Gemini to generate custom code for phishing websites, which was then imported into the group's software suite and converted into live scam pages. Google's own AI was used to build the tools targeting Google's own users. The group coordinated through Telegram and distributed "phishing kits" that allowed lower-level criminals to launch fake text campaigns mimicking trusted brands. Google said it uses "AI-powered tools to fight AI-powered scams," intercepting more than 10 billion scam messages per month through its detection systems. Google said it is coordinating with the FBI, which is taking unspecified law enforcement actions. The company is also working with AT&T, T-Mobile, and Verizon to block the scam texts before they reach users. The FBI did not respond to a request for comment. The lawsuit is civil, not criminal, meaning Google is seeking to shut down the infrastructure rather than put anyone in prison. It is the kind of action Big Tech companies increasingly use to go after cybercrime operations when law enforcement moves slowly or not at all, particularly when the perpetrators are in jurisdictions beyond the reach of Western authorities. The scale of the operation underscores how cheap AI-powered scams have become. Building thousands of convincing phishing pages used to require skilled developers. Now a Telegram group can use a frontier AI model to generate the code and deploy it at scale. AI is making attack tools cheaper across every category, from vulnerability discovery to social engineering. Outsider Enterprise is what that looks like on the distribution side: industrial-scale fraud built with off-the-shelf AI. Google said it will continue to invest in AI-powered scam detection and urged users to enable its spam protection features on Android. But the uncomfortable truth is that the same company selling the AI is now suing the people who used it for crime. AI agent security is not just a product feature problem. When the tools are this powerful and this accessible, the arms race between builders and abusers is permanent.
[9]
Google sues cybercrime network that used Gemini for financial scams
Google has filed a lawsuit against a cybercrime organization that was using Gemini to power its financial scams, while Google is also pushing for stricter laws that are more relevant to an AI era. The New York Times reports that Google has sued a China-based cybercrime network which, apparently, was using Gemini to "blast financial scams to hundreds of thousands of Americans." The network, known as "Outsider Enterprise," allegedly used Gemini to create fake websites mimicking Google and YouTube, as well as government operations such as the US Postal Service and New York's E-ZPass service. In a post on The Keyword - which never explicitly mentions that the scammers were using Gemini models - Google explains the scale of the organization: * Hundreds of thousands of victims have been financially scammed with losses estimated in the millions. * 9,000 fake websites and over 1 million fraudulent URLs connected to this group. * 55,000 spam texts were flagged by Android users in just two weeks this past May -- that's more than two text spam complaints a minute. * 2.5 million messages were sent by the Enterprise to Android users containing links to Outsider-generated websites over this two-week period. The lawsuit isn't Google's only action against AI-powered scammers. The company is coordinating with major US carriers and the FBI to shut down the cybercrime network, including blocking texts before they reach customers. The sheer scale of this is a good reminder - AI is a powerful tool for good, and for bad.
[10]
Google sues scam ring that used Gemini AI to build fraud sites
Google has sued a suspected Chinese cybercrime group called the Outsider Enterprise for sending 2.5 million fraudulent text messages to Android users. The scammers allegedly used Google's Gemini chatbot to code malicious websites, coordinated via Telegram, and generated 9,000 fake sites and over one million fraudulent URLs. Google has filed a lawsuit against a suspected Chinese cybercrime operation it calls the Outsider Enterprise, alleging the group sent more than 2.5 million fraudulent text messages to Android users over a two-week period in May. The messages contained links to fake websites designed to steal personal information, and the scammers reportedly used Google's own Gemini chatbot to help build those sites. The complaint, first reported by Bloomberg, accuses the network of targeting hundreds of thousands of people across the United States. According to Google, the operation generated 9,000 fake websites and more than one million fraudulent URLs. How the operation worked The Outsider Enterprise coordinated through Telegram, distributing links via text messages that impersonated Google and other trusted brands. The messages contained urgent warnings about supposedly compromised accounts or alerts about package tracking. Once users clicked, they were redirected to websites that asked for confidential information. The scammers reportedly encouraged one another to use Gemini to write the custom code necessary to create those malicious websites, according to the complaint. A pattern of escalation The lawsuit marks Google's second major legal action against China-based text message scam operations in seven months. In November 2025, the company filed a RICO lawsuit against a group it called Lighthouse, which operated a "phishing-as-a-service" platform selling ready-made scam kits. That earlier operation was accused of compromising between 15 million and 100 million credit cards in the US alone, according to CNBC. Google said a temporary restraining order effectively shut Lighthouse down within hours of the complaint being filed. The Outsider Enterprise case follows the same playbook but adds a new dimension: the explicit use of generative AI as a tool in the scam supply chain. Where Lighthouse sold phishing kits, Outsider's members allegedly used Gemini to generate code for their own operations. The AI misuse problem keeps growing The allegation that scammers used Gemini to build fraudulent infrastructure sits within a broader pattern of AI tools being weaponised for cybercrime. Google's own Threat Intelligence Group reported in May 2026 that state-sponsored actors from China, North Korea, and Russia are using AI for vulnerability research, autonomous malware development, and supply chain attacks. ESET, the cybersecurity firm, identified in February 2026 the first known Android malware to integrate generative AI directly into its execution flow. That malware, called PromptSpy, used the Gemini API to autonomously navigate victim devices. The cybersecurity industry's push toward governed AI has only intensified as these cases multiply. The pattern is clear: the same tools built to assist developers and consumers are being repurposed by criminal networks. Telecom companies joined the fight Google said it worked with AT&T, T-Mobile, and Verizon to block the Outsider Enterprise's texts from reaching potential victims. Nasrin Rezai, Verizon's chief information security officer, framed the effort as a cross-industry response. "We look forward to standing with Google, the telecom industry, and federal law enforcement in this coordinated effort to dismantle malicious domains and disrupt global cybercrime operations," Rezai said in a statement. The cooperation between a tech platform and the three largest US carriers reflects the scale of the threat. What the complaint does not say The complaint did not specify an estimated amount of money lost because of the spam messages. It also did not detail how many victims actually handed over personal information after clicking the fraudulent links. Meanwhile, China's own regulators have launched enforcement campaigns against AI misuse, targeting deepfakes, fraud, and disinformation. Whether those domestic efforts will address operations like the Outsider Enterprise, which allegedly targeted US consumers from China, remains an open question. The flags The 2.5 million messages and the 9,000 fake websites are figures cited from Google's own complaint, not independently verified totals. The complaint identifies the defendants as a suspected Chinese operation but does not name individual defendants. Bloomberg's report is the primary source for the lawsuit details. The specific claim that scammers used Gemini to write code for malicious websites comes from the complaint itself and has not been independently corroborated beyond Google's own filings.
[11]
Scammers used Gemini AI to power a massive phishing operation and Google just sued them
Google just sued the AI scam network sending millions of fake texts and building thousands of fraudulent websites. That suspicious text about an unpaid toll, a delayed delivery package, or expiring rewards points may no longer be the work of a lone scammer. These scam texts have been flooding American phones for years, but something has changed. Google says artificial intelligence is helping fraudsters run larger and more convincing operations than ever before. The company has now filed a lawsuit against a cybercrime network that used Gemini AI to create phishing websites and power a massive scam campaign targeting millions of users. AI scams are getting harder to spot Google's lawsuit targets a Chinese cybercrime network called the Outsider Enterprise. The group coordinated through Telegram and distributed phishing kits to criminals around the world. Recommended Videos Using Google's Gemini AI, they built fake websites impersonating trusted brands like Google, YouTube, and even the US Postal Service. They used AI to create hundreds of imposter websites at a scale that simply was not possible before. The group created over 9,000 fake websites and more than one million fraudulent URLs. In just two weeks ending June 1, Android users flagged 55,000 suspicious texts, and the Outsider Enterprise sent 2.5 million messages containing links to fake websites. The FBI estimates the operation has stolen 3.87 million credit card numbers from victims across dozens of countries, with total losses reaching $1.9 billion since July 2023 (via WSJ). What is Google doing about it? Google is asking a New York federal court to shut down the operation entirely. The company is working alongside the FBI and carriers AT&T, T-Mobile, and Verizon to block these texts before they reach your phone. Google's built-in messaging defenses already intercept over 10 billion malicious messages every month, and Android's scam detection tool flags suspicious calls and contacts in real time. Google is also pushing for seven bipartisan bills in Congress to make these protections permanent, arguing that legal action alone will not be enough to stop a threat that AI has made effectively limitless.
[12]
Google Sues Chinese Crime Group for Allegedly Using Gemini AI for Mass Phishing Scams
The FBI estimates the operation stole 3.87 million credit card numbers and caused $1.9 billion in losses since July 2023. Google filed a lawsuit Friday against alleged Chinese cybercrime network Outsider Enterprise for using the company's Gemini AI to automate fraudulent text messaging campaigns that targeted hundreds of thousands of U.S. victims with phishing sites designed to steal financial credentials. The defendants allegedly used Gemini AI to generate code and templates for fake websites that mimicked legitimate telecom portals, according to court documents. The FBI said the operation deployed more than 8,000 phishing websites across dozens of countries. Google received approximately 55,000 reports of suspicious messages on Google Messages in the two-week period ending June 1, many allegedly connected to Outsider Enterprise. The same court documents indicate the network stole an estimated 3.87 million credit card numbers, contributing to roughly $1.9 billion in losses since July 2023. The phishing sites allegedly targeted various financial accounts, including cryptocurrency wallets and exchange credentials, as scammers increasingly focus on digital asset holders who may have less recourse than traditional banking customers. The lawsuit emerges as AI-powered financial scams surge across the United States. The FBI received 1,008,597 total internet crime complaints in 2025, with crypto-related complaints accounting for 181,565 reports and $11 billion in losses -- the highest of any category. For the first time in its nearly 25-year history, the FBI's Internet Crime Complaint Center dedicated a section to artificial intelligence scams, which generated 22,364 complaints and cost Americans nearly $893 million. The bureau's Operation Level Up, launched in 2024, has notified over 8,000 cryptocurrency fraud victims and prevented more than $500 million in potential losses. Research has shown that even leading AI models can encourage harmful behavior, raising concerns as companies like Apple integrate AI capabilities into consumer products. The Google lawsuit represents a watershed moment in attempting to hold bad actors accountable for weaponizing AI tools against financial systems.
[13]
Google accuses Chinese cybercrime network of using its AI
Google has filed a lawsuit against a Chinese cybercrime network, alleging the hackers are using the company's Gemini artificial intelligence models and tools to build phishing software to rob consumers. The lawsuit, filed Friday in the U.S. District Court for the Southern District of New York, alleges the network created a phishing software called "Outsider," that also encourages hackers to use normal AI tools like Google's Gemini to recreate more fraudulent websites. The Outsider software allegedly tricks victims over text into thinking there is a problem with their brokerage accounts or that they are eligible for rewards through their phone carrier. From there, a user is sent to a fake website where users are duped into giving their personal and financial information, the suit stated. Victims were allegedly tricked out of millions of dollars, according to Google. The Outsider software has more than 290 pre-built templates impersonating legitimate institutions like financial service providers, government agencies and retailers, according to the suit. The group also made a tool with "step-by-step instructions on how Outsider can weaponize AI-generated code." With the instructions, hackers can create the custom code needed to turn the templates into fraudulent sites. "On their own, these prompts appear to be innocent requests for programming assistance," the suit states, adding, "Using this method, Enterprise members can create convincing duplicates of virtually any legitimate website in minutes. As a result, the 290 identified websites are "only a starting point," calling the potential for more phishing sites "limitless." The firm discovered more than a million URLs originating from the Outsider software. The Hill was unable to reach an attorney for the 25 "Doe" defendants listed in the suit. Google emphasized AI is enabling hackers to work at much faster speeds, stating it hopes the suit will disrupt the criminal enterprise to protect the online ecosystem. The lawsuit comes amid growing concerns about the role of AI in cybersecurity. These concerns seemed to reach a tipping point earlier this year after the AI firm Anthropic released its Mythos cybersecurity model to a select group of companies and government agencies. Mythos, according to Anthropic, is the most advanced model to detect security vulnerabilities. This can be a tool for critical infrastructure to patch up vulnerabilities, but also a powerful weapon for bad actors targeting websites, software and other infrastructure.
[14]
Google Takes Legal Action Against AI Scam Group Outsider Enterprise
Google says its systems block 10 billion harmful messages monthly Google has launched a coordinated effort to disrupt a large-scale cybercrime operation accused of using artificial intelligence tools to run phishing scams that impersonated trusted brands and targeted smartphone users through fraudulent text messages. The company has filed a lawsuit against the group, is working with the FBI and major US telecom operators, and is backing legislative measures to tackle AI-enabled fraud. The move comes as cybercriminals increasingly use AI tools to scale phishing campaigns and make scam messages more convincing. Google, FBI Team Up to Crack Down on AI-Driven Scam Operation The search giant has filed a civil lawsuit against a cybercrime network known as Outsider Enterprise, which it says operates from China and relies on Telegram channels to coordinate phishing activities. The company alleges that the group developed and distributed phishing kits that enabled users with limited technical expertise to launch text-message scams impersonating Google and other well-known organisations. The operation was linked to thousands of fraudulent websites and more than one million malicious web addresses, according to Google. The company estimated that hundreds of thousands of people had been affected by the scams, with financial losses running into millions of dollars. Google also disclosed that Android users reported 55,000 spam text messages connected to the operation during a two-week period in May. During the same period, the company detected 2.5 million messages containing links to websites associated with the network. Additional details cited by Google indicate that the platform offered more than 290 ready-made website templates designed to mimic banks, retailers, telecommunications providers and government agencies. The phishing service allegedly operated on a subscription basis and included tools that could generate fraudulent websites within minutes using AI-assisted methods. Court filings referenced by the company allege that the network used fake websites and deceptive text campaigns to obtain passwords, multi-factor authentication codes, payment card information and other sensitive data. Google also alleged that some members of the operation relied on services such as Google Cloud and Google Drive to host phishing infrastructure. The lawsuit forms part of a broader response involving the FBI, AT&T, T-Mobile, and Verizon. Google said the partners are working to block scam messages, disrupt the infrastructure that supports the operation, and assist law enforcement efforts targeting domains and online services linked to the alleged network. Google is also calling for legislative changes to address the growing use of AI in online fraud. The company said it supports seven bipartisan bills in the United States, including proposals to improve coordination among government agencies and strengthen anti-scam measures. Alongside legal and policy efforts, Google highlighted security systems already deployed across its products. These include scam-detection tools on Android devices and protections in Google Messages. According to the company, its messaging defences block more than 10 billion malicious messages every month.
Share
Copy Link
Google has filed a lawsuit against Outsider Enterprise, a China-based cybercrime operation that used the company's own Gemini AI to create fraudulent websites and send millions of scam text messages. The FBI estimates the operation stole 3.87 million credit cards and caused $1.9 billion in losses since July 2023, making it one of the largest AI-enabled phishing campaigns to date.
Google has launched legal action against a Chinese cybercrime network known as Outsider Enterprise, marking the first time the tech giant has directly sued a group for weaponizing its Gemini AI in fraudulent activities
1
. The lawsuit, filed in coordination with the FBI's Operation Ghost Hook, alleges that the group operated a sophisticated phishing-as-a-service platform that enabled thousands of criminals to launch AI-powered scams at unprecedented scale4
.
Source: Hacker News
The scope of the operation is staggering. According to the FBI, Outsider Enterprise has been linked to approximately 3.87 million stolen credit cards and an estimated $1.9 billion in losses since July 2023
4
. Google's complaint reveals that the group deployed 9,000 fraudulent websites, generated over 1 million malicious URLs, and sent 2.5 million scam text messages to Android users during a two-week period2
. In May alone, 55,000 spam texts were flagged by Android users—more than two text spam complaints per minute3
.The criminal network operated through Telegram, offering a turnkey phishing kit for $88 per week or $200 per month
4
. What made this AI-enabled cybercrime operation particularly dangerous was its accessibility—zero technical skill was required to launch attacks. The platform provided more than 290 pre-built templates impersonating banks, wireless carriers, government agencies, state DMVs, the U.S. Postal Service, and toll systems like New York's E-ZPass4
.
Source: Engadget
According to Google's legal filing, Outsider Enterprise distributed step-by-step instructions, including tutorial videos, showing customers how to use Google Gemini to generate HTML code for phishing pages
4
. The prompts were carefully crafted to appear innocuous—requesting a "gift redemption page" built with inline CSS and no JavaScript—to bypass Gemini's safety filters4
. This allowed criminals to rapidly generate convincing replicas of legitimate websites that could steal passwords, payment card details, and two-factor authentication codes in real-time2
.Outsider Enterprise functioned as a comprehensive criminal ecosystem with specialized roles. Google's complaint identifies several distinct groups within the operation: developers who maintained the phishing software and website templates; data suppliers who curated target lists from public records, social media, and data breaches; a "spammer group" providing tools and infrastructure to send bulk scam text messages using smartphone banks, SIM cards, and modems; and money launderers who monetized stolen credentials
2
.The cybercriminals brazenly coordinated their efforts through open, largely uncoded discussions on Telegram channels, where they trained each other, shared strategies, and developed new phishing attacks
2
. The platform's dashboard allowed operators to track the progress of their campaigns, while the software captured victim data in real-time and could request SMS codes, PINs, email codes, and app approvals on demand4
.Over a five-month period from November 14, 2025 to April 14, 2026, Google detected more than 1.59 million URLs connected to Outsider Enterprise
2
. The operation has stolen at least 36,000 payment cards issued by financial institutions across 95 countries2
.Related Stories

Source: Tom's Hardware
The FBI, working alongside Google and Lumen Technologies through Operation Ghost Hook, seized several domains used by the cybercriminals, along with Shopify storefronts and accounts used to test the phishing service
2
. The operation also confiscated approximately $100,000 in USDT from Outsider payment wallets, and thousands of phishing domains registered through U.S. providers now redirect to an FBI splash page4
."The criminals behind the Outsider Enterprise built a business out of impersonating trusted brands to defraud hundreds of thousands of victims," said Brett Leatherman, assistant director of the FBI's Cyber Division. "Criminals increasingly use AI to make fraud like this more convincing and harder to detect. Together with partners like Google, we can disrupt criminal networks in ways no single organization could on its own"
5
.Google has collaborated with AT&T, T-Mobile, and Verizon to block malicious scam text messages before they reach users
1
. The company's AI-powered scam detection feature in Google Messages intercepts more than 10 billion scam messages monthly, which likely caught some Outsider Enterprise activity1
.Google is pursuing claims under the Racketeer Influenced and Corrupt Organizations (RICO) Act and trademark infringement, though the company acknowledges that the unnamed defendants are unlikely to face extradition from China
4
. While the lawsuit may never result in courtroom proceedings, it aims to dismantle the infrastructure supporting these campaigns5
.This marks Google's second major action against phishing platforms, following a lawsuit against the Lighthouse phishing platform in November, which was tied to more than 1 million victims across 120 countries
4
. Google is using this case to advocate for new federal legislation, including the National Strategy for Combating Scams Act, the Strategic Task Force on Scam Prevention Act, and the AI Plan Act1
. Most of these proposals call for federal law enforcement agencies to establish task forces specifically designed to counter AI-assisted scams and market manipulation1
.The case highlights a critical tension in AI development: the same safety measures built into systems like Gemini can clash with the need for chatbots to follow instructions and assist users, creating vulnerabilities that sophisticated criminals can exploit
1
. As AI systems advance toward more human-like capabilities, detecting malicious AI-generated content will become increasingly challenging, even with enhanced public awareness and government oversight1
.Summarized by
Navi
[2]
1
Policy and Regulation

2
Policy and Regulation

3
Policy and Regulation
